Cisco Cisco Web Security Appliance S190 Guía Del Usuario
V I E W I N G P A R T I C U L A R D E T A I L E D I N F O R M A T I O N
C H A P T E R 5 : G U I D E L I N E S A N D T I P S
83
V I E W I N G PA R T I C U L A R D E T A I L E D I N F O R M A T I O N
This section includes instructions on how to access and view particular detailed information
stored in the access logs by zooming in on data in a Sec Ops Profile.
stored in the access logs by zooming in on data in a Sec Ops Profile.
Website Activity on a Per Client Basis, Highlighting Top Websites
1. In the Profile, choose the Individual Fields > FIELD: SourceID report.
2. In the report, click the client you want to view.
3. On the Overview report page in the Zoom To Report menu, select the FIELD: URL: Server
report.
Note — You can highlight different categories for the client website activity by choosing a
different field level report in step 3. For example, you can view website activity per client
highlighting particular file extensions downloaded by choosing the FIELD: File Extension
report in step 3.
different field level report in step 3. For example, you can view website activity per client
highlighting particular file extensions downloaded by choosing the FIELD: File Extension
report in step 3.
URL Category Details by Website
1. In the Profile, choose the Resource > Top URL Categories report.
2. In the report, click the URL Category you want to view.
3. On the Overview report page in the Zoom To Report menu, select the FIELD: URL: Server
report.
List All Users for a Particular Website or URL Category
1. In the Profile, choose the Resource > Top Web Sites report or the Resource > Top URL
Categories report.
2. In the report, click the website or URL category you want to view.
3. On the Overview report page in the Zoom To Report menu, select the FIELD: SourceID
report.
List All Websites Visited by Anyone
In the Profile, choose the Resource > Top Web Sites report.
View Client Malware Risk Detailed by Malware
In the Profile, choose the Security > MalwareID / SourceID report.
View Detailed Information About Which Script or File was Blocked
1. In the Profile, choose the Individual Fields > FIELD: Action report.
2. In the report, click the TCP_DENIED link.
3. On the Overview report page in the Zoom To Report menu, select the FIELD: URL: Server
report.
WSA_Sawmill.book Page 83 Tuesday, February 22, 2011 2:54 PM